Massive spam attack in support forums

It's insanity. What I don't understand is how they can keep posting even after being marked as spammers - isn't that the whole point of marking someone as a spammer?

Blocking works better I guess.

There may have been changes to the way the spam prevention works.

Blocked a few, deleted a few 100 posts...

I'm still seeing a bunch of posts in at least the module development forum and the theme forum. And the Upgrading Drupal forum looks full as well.

I think I got them all now.

There used to be a snippet in settings.php that would disallow any posting of Korean characters. I guess that needs to be put in again. I am not able to do spam-sitting d.o on a regular basis again.

I am not able to do spam-sitting d.o on a regular basis again.

Looks like no one is. We were getting spammed for 24 hours straight, even though at least two of us were reporting them (count based on this thread).

And there it goes again. I just reported some more.

I delete all the spam I found, including some old unpublished posts.

They're baaaaack....
I've given up on marking spammers as spammers though - it seems to have no effect. They just keep spamming.

Bumping the priority ..

May be its time to think about better spam prevention solution.

Definitely the spam prevention is not working. I marked the user as spammer. After that, this user was able to create spam posts.

https://www.drupal.org/user/3572483/track

Moving issue to Infrastructure Queue.

Thanks for the reports, we were/are under a pretty heavy spam attack (and as you mentioned it's been going on for a while) and have been making adjustments within our current tool set to mitigate it as much as possible.

The main reason reporting someone as a spammer doesn't stop them from posting (though maybe we should consider changing this slightly) is because in the past it has been used as a weapon to try to silence someone during a debate, where that person had valid but opposing views. We want to ensure that our anti-spam tools can’t be used abusively.

Thanks everyone for your help in the spam fight.

The main reason reporting someone as a spammer doesn't stop them from posting (though maybe we should consider changing this slightly) is because in the past it has been used as a weapon to try to silence someone during a debate, where that person had valid but opposing views. We want to ensure that our anti-spam tools can’t be used abusively.

I can understand that, but I think two things:

1) If someone does that, they should be severely reprimanded for abuse of the system. No one does that accidentally, it takes effort to mark someone as a spammer, and they can unmark them as well.

2) If someone is marked as a spammer, maybe they shouldn't be blocked from posting altogether, but rather throttled (six posts an hour or something)

Thats a lot of spam post by this user
https://www.drupal.org/user/3572884. Its clear that this user was a super spammer, i blocked the account instead of just reporting as spammer.

posted around 500+ junk forum posts in < 2 hours. Definitely its a LOT & automation.

I don't read korean, but i was able to clearly make that judgement with help of translation tools

I don't read korean, but i was able to clearly make that judgement with help of translation tools

It was pretty clear they were a spammer without a translation tool!

Its clear that this user was a super spammer, i blocked the account instead of just reporting as spammer.

gobinathm - yes, blocking is exactly what you should be doing as a webmaster. Reporting as spam is only meant to alert webmasters to probable spam. (There are some mis-reports of spam.) Webmasters are responsible for reviewing posts marked as spam and taking action.

We now have Akismet blocking spam.